<%@ page language="java" contentType="text/html; charset=UTF-8"
         pageEncoding="UTF-8"%>
<%@ page import="java.sql.*"%>
<%@ page import="java.security.*"%>
<%@ page import="elibrary.*" %>
<%@ page language="java" import="java.util.*"%>
<%@ include file="config.jsp" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Insert title here</title>
    </head>
    <body>

        <%

        //getting the user id to check if an admin is logged in and if he is not then he is sent to the index page


        String uid=(String)session.getAttribute("uid");
        if(uid==null||uid.equals(""))
        {
                response.sendRedirect("index.jsp");
        }

        int type=Integer.parseInt((String)session.getAttribute("type"));
        if(type!=3)
        {
                 response.sendRedirect("home.jsp");
        }

        // encryption of the userid is done

        DesEncrypter encrypter = new DesEncrypter();
        int uid1 = Integer.parseInt(encrypter.decrypt(uid));
        Connection con=DaoConnection.getcon(connectURL, DBuser, DBpass);
        Statement st=con.createStatement();
        ResultSet rs=st.executeQuery("SELECT * from USERS WHERE UID="+uid1);
        rs.next();


        //the new user's details are entered in the database

        String username=request.getParameter("username");
        String password=request.getParameter("password");
        int ut=Integer.parseInt(request.getParameter("type"));
        String fname=request.getParameter("fname");
        String lname=request.getParameter("lname");
        String email=request.getParameter("email");

        Statement stmt = null;
        ResultSet results = null;
        try{
	
                stmt=con.createStatement();
	
                String str="INSERT INTO USERS (USERNAME,PASSWORD, FNAME, LNAME, EMAIL, SECRETQUESTION, SECRETANSWER, USERTYPE) VALUES ('"+username+"','"+password+"','"+fname+"','"+lname+"','"+email+"','secretquestion','secretanswer',"+ut+")";
            stmt.executeUpdate(str);

            session.setAttribute("message", "User registered succesfully.");
                response.sendRedirect("userRegistration.jsp");
        }catch(Exception e){
             out.println(e.toString());
             out.println("ERROR!!");
             e.printStackTrace();
         }
        %>

    </body>
</html>